You set the [kbd]config[/kbd] authentication type and included username and password for auto-login, which is not a desirable option for live hosts. Anyone who knows or guesses your phpMyAdmin URL can directly access your phpMyAdmin panel. Set %1$sauthentication type%2$s to [kbd]cookie[/kbd] or [kbd]http[/kbd].